meaningful consent

Privacy compliance is top of mind, not the least of all because of GDRP and Canada’s new mandatory breach notification rules. While you are updating your practices and procedures, do not forget that the Guidelines for obtaining meaningful consent (the “Guidelines”) will apply starting on January 1, 2019.

A key takeaway for organizations is that it is not enough to comply with other provisions in PIPEDA, for example, obtaining meaningful consent. Organizations must still show that their purposes for collecting, using or disclosing personal information are those that a reasonable person would consider appropriate in the circumstances.